Snowflake is cloud-based data storage and analytics service.
Prerequisites
1. Create the role READ_ONLY and assign it to a user (?)
2. Create a user CLOUDAWARE and assign the READ_ONLY role by default:
CREATE USER CLOUDAWARE DEFAULT_ROLE=READ_ONLY
3. Provide the role with access to Warehouse:
GRANT USAGE ON WAREHOUSE <warehouse_name> TO ROLE READ_ONLY
Snowflake Setup
Log in to your Cloudaware account → Admin.
Find Snowflake in the list of integrations, click +Add.
[screen]
Create or select KeyPair (in Snowflake?)
Copy publicKey and change the RSA_PUBLIC_KEY of the user:
alter user <username> set rsa_public_key='MI...'
Fill out the following fields:
[screen]
Account ID -
Username -
Warehouse - select one of the available warehouse
Click Save.
Levels of Access
Basic
GRANT IMPORTED PRIVILEGES ON DATABASE SNOWFLAKE TO ROLE READ_ONLY
Detailed
Snowflake Integration: GRANT USAGE ON INTEGRATION <integration_name> TO READ_ONLY
Snowflake Database: GRANT USAGE ON DATABASE <database_name> TO READ_ONLY
Snowflake Schema:
GRANT USAGE ON ALL SCHEMAS IN DATABASE <database_name> TO READ_ONLY
GRANT USAGE ON FUTURE SCHEMAS IN DATABASE <database_name> TO READ_ONLY
Snowflake Stage:
GRANT USAGE ON ALL STAGES IN DATABASE <database_name> TO READ_ONLY
GRANT USAGE ON FUTURE STAGES IN DATABASE <database_name> TO READ_ONLY
Snowflake Table:
GRANT REFERENCES ON ALL EXTERNAL TABLES IN DATABASE <database_name> TO READ_ONLY
GRANT REFERENCES ON FUTURE EXTERNAL TABLES IN DATABASE <database_name> TO READ_ONLY
Snowflake Pipe:
GRANT MONITOR ON PIPE <database_name>.<schema_name>.<pipe_name> TO READ_ONLY
GRANT MONITOR ON FUTURE PIPES IN DATABASE <database_name> TO READ_ONLY
List of Supported Objects
Cloudaware supports the following Snowflake objects:
Snowflake Account |